Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91F83DC/99C7488826ED11EFB4C9BA28C4F9AE02/36BC18E426EE11EF93DEE929C4F9AE02.roa
File: 36BC18E426EE11EF93DEE929C4F9AE02.roa (raw, json)
Hash identifier: xhwuYw7pak84jlM63LHr7CHjEEYIBcB0b7ghxmdVT1A=
Subject key identifier: 5E:C5:CF:C3:81:24:FA:A2:B2:4B:DD:94:EE:35:06:0C:E7:6E:2C:AE
Certificate issuer: /CN=A91F83DC/serialNumber=224E668F405601CADC3391383FCA96DF9468D95A
Certificate serial: 02
Authority key identifier: 22:4E:66:8F:40:56:01:CA:DC:33:91:38:3F:CA:96:DF:94:68:D9:5A
Authority info access: rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/Ik5mj0BWAcrcM5E4P8qW35Ro2Vo.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91F83DC/99C7488826ED11EFB4C9BA28C4F9AE02/36BC18E426EE11EF93DEE929C4F9AE02.roa
Signing time: Mon 10 Jun 2024 05:56:43 +0000
ROA not before: Mon 10 Jun 2024 05:56:43 +0000
ROA not after: Sun 31 Aug 2025 00:00:00 +0000
asID: 152906
IP address blocks: 160.22.104.0/23 maxlen: 23
160.22.104.0/24 maxlen: 24
160.22.105.0/24 maxlen: 24
Validation: Failed, certificate revoked on Mon 10 Jun 2024 11:38:09 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 2 (0x2)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91F83DC/serialNumber=224E668F405601CADC3391383FCA96DF9468D95A
Validity
Not Before: Jun 10 05:56:43 2024 GMT
Not After : Aug 31 00:00:00 2025 GMT
Subject: CN=6666959b-a366
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a7:0d:e3:7c:ff:6d:1e:04:7f:af:e4:15:ed:67:
0e:16:4a:2b:1d:f8:35:b3:c4:f2:26:97:ea:ab:ca:
6b:72:1e:b7:49:fa:b8:fa:b2:c1:51:40:e0:1d:51:
b2:e0:ee:4e:d6:e0:b3:54:01:d3:85:ed:c5:e9:e3:
4a:38:f2:57:6d:ae:56:d4:69:02:b7:c7:bb:96:fe:
b9:b1:26:bb:19:e3:bd:20:0b:cc:d6:14:c9:80:6c:
86:fd:80:8a:7d:fe:d2:13:ec:3c:1c:71:9d:48:0f:
c0:95:02:d6:0f:6f:ae:94:8c:cb:e7:cd:c4:3a:72:
c9:43:fe:3d:77:f3:ea:ff:39:a6:6f:aa:46:02:27:
70:df:fd:26:9a:11:b3:7d:1f:55:40:f9:33:a3:c4:
1a:bd:af:d1:0a:df:8c:11:1e:22:de:2c:36:88:11:
26:ff:2b:de:7a:69:56:59:73:15:be:e4:1d:52:cc:
a9:e1:a5:e2:d2:49:b9:70:e9:3a:f2:34:93:05:4c:
57:70:c2:21:9c:ec:88:0d:b4:3b:10:47:e9:dc:f6:
9a:6f:2b:27:9d:7b:ae:80:52:a6:6b:c6:90:ad:56:
a1:3d:a2:67:14:da:e2:d7:76:56:55:01:22:c4:19:
c7:d8:c7:d0:63:d3:d0:63:cf:c3:ca:20:cb:1d:68:
25:cb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5E:C5:CF:C3:81:24:FA:A2:B2:4B:DD:94:EE:35:06:0C:E7:6E:2C:AE
X509v3 Authority Key Identifier:
keyid:22:4E:66:8F:40:56:01:CA:DC:33:91:38:3F:CA:96:DF:94:68:D9:5A
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91F83DC/99C7488826ED11EFB4C9BA28C4F9AE02/Ik5mj0BWAcrcM5E4P8qW35Ro2Vo.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/Ik5mj0BWAcrcM5E4P8qW35Ro2Vo.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91F83DC/99C7488826ED11EFB4C9BA28C4F9AE02/36BC18E426EE11EF93DEE929C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
160.22.104.0/23
Signature Algorithm: sha256WithRSAEncryption
82:68:7b:b2:d9:e4:15:75:14:73:d8:60:4f:6c:e8:98:45:5b:
31:64:b9:0a:f8:2b:6c:c3:70:de:95:fd:98:1f:6b:69:85:0d:
fb:b0:a8:8a:29:21:96:f3:6f:f5:dd:81:58:08:26:7a:6a:d4:
16:71:6c:c2:83:24:9d:c7:d0:1a:d1:ee:ba:dc:03:1f:78:85:
5f:04:4d:34:e9:07:ec:21:bb:49:0c:57:b8:5c:ad:d3:d5:00:
e8:07:08:76:46:2a:52:e7:cc:4d:59:9b:e2:ba:14:9b:ce:a1:
28:f6:fd:7e:67:45:0f:89:21:43:86:51:94:3d:2b:04:c6:fc:
03:92:41:96:a4:ee:d7:49:1d:aa:83:18:6c:8f:b2:e8:ae:37:
24:b4:b3:c4:c4:d6:f7:8d:ff:c6:c9:05:a7:61:cf:8b:aa:40:
03:31:6a:fd:1c:2c:cf:ae:ad:69:94:9d:f3:94:78:1e:55:c6:
e1:58:dd:0c:eb:68:0b:47:08:0f:42:fd:82:38:38:86:78:ce:
1a:cd:b8:f8:f3:4c:98:29:90:da:12:d5:68:aa:6e:41:88:a4:
cf:c4:cb:4d:9c:26:b8:50:07:48:1b:64:2f:1d:4b:36:71:8b:
ee:f1:9c:0a:20:2c:49:97:8a:7f:d6:69:81:8c:b5:51:bf:94:
77:f5:31:e0
-----BEGIN CERTIFICATE-----
MIIFcDCCBFigAwIBAgIBAjANBgkqhkiG9w0BAQsFADBGMREwDwYDVQQDEwhBOTFG
ODNEQzExMC8GA1UEBRMoMjI0RTY2OEY0MDU2MDFDQURDMzM5MTM4M0ZDQTk2REY5
NDY4RDk1QTAeFw0yNDA2MTAwNTU2NDNaFw0yNTA4MzEwMDAwMDBaMBgxFjAUBgNV
BAMTDTY2NjY5NTliLWEzNjYwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB
AQCnDeN8/20eBH+v5BXtZw4WSisd+DWzxPIml+qrymtyHrdJ+rj6ssFRQOAdUbLg
7k7W4LNUAdOF7cXp40o48ldtrlbUaQK3x7uW/rmxJrsZ470gC8zWFMmAbIb9gIp9
/tIT7DwccZ1ID8CVAtYPb66UjMvnzcQ6cslD/j138+r/OaZvqkYCJ3Df/SaaEbN9
H1VA+TOjxBq9r9EK34wRHiLeLDaIESb/K956aVZZcxW+5B1SzKnhpeLSSblw6Try
NJMFTFdwwiGc7IgNtDsQR+nc9ppvKyede66AUqZrxpCtVqE9omcU2uLXdlZVASLE
GcfYx9Bj09Bjz8PKIMsdaCXLAgMBAAGjggKVMIICkTAdBgNVHQ4EFgQUXsXPw4Ek
+qKyS92U7jUGDOduLK4wHwYDVR0jBBgwFoAUIk5mj0BWAcrcM5E4P8qW35Ro2Vow
DgYDVR0PAQH/BAQDAgeAMIGDBgNVHR8EfDB6MHigdqB0hnJyc3luYzovL3Jwa2ku
YXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5MUY4M0RDLzk5Qzc0ODg4MjZF
RDExRUZCNEM5QkEyOEM0RjlBRTAyL0lrNW1qMEJXQWNyY001RTRQOHFXMzVSbzJW
by5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsGAQUFBzAChmJyc3luYzovL3Jwa2ku
YXBuaWMubmV0L3JlcG9zaXRvcnkvQjNBMjRGMjAxRDY2MTFFMjhBQzg4MzdDNzJG
RDFGRjIvSWs1bWowQldBY3JjTTVFNFA4cVczNVJvMlZvLmNlcjBKBgNVHSABAf8E
QDA+MDwGCCsGAQUFBw4CMDAwLgYIKwYBBQUHAgEWImh0dHBzOi8vd3d3LmFwbmlj
Lm5ldC9SUEtJL0NQUy5wZGYwgcsGCCsGAQUFBwELBIG+MIG7MIGDBggrBgEFBQcw
C4Z3cnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFG
ODNEQy85OUM3NDg4ODI2RUQxMUVGQjRDOUJBMjhDNEY5QUUwMi8zNkJDMThFNDI2
RUUxMUVGOTNERUU5MjlDNEY5QUUwMi5yb2EwMwYIKwYBBQUHMA2GJ2h0dHBzOi8v
cnJkcC5hcG5pYy5uZXQvbm90aWZpY2F0aW9uLnhtbDAfBggrBgEFBQcBBwEB/wQQ
MA4wDAQCAAEwBgMEAaAWaDANBgkqhkiG9w0BAQsFAAOCAQEAgmh7stnkFXUUc9hg
T2zomEVbMWS5CvgrbMNw3pX9mB9raYUN+7CoiikhlvNv9d2BWAgmemrUFnFswoMk
ncfQGtHuutwDH3iFXwRNNOkH7CG7SQxXuFyt09UA6AcIdkYqUufMTVmb4roUm86h
KPb9fmdFD4khQ4ZRlD0rBMb8A5JBlqTu10kdqoMYbI+y6K43JLSzxMTW943/xskF
p2HPi6pAAzFq/Rwsz66taZSd85R4HlXG4VjdDOtoC0cID0L9gjg4hnjOGs24+PNM
mCmQ2hLVaKpuQYikz8TLTZwmuFAHSBtkLx1LNnGL7vGcCiAsSZeKf9ZpgYy1Ub+U
d/Ux4A==
-----END CERTIFICATE-----
Generated at Mon Jun 10 15:24:31 2024 by rpki-client on console-ams.rpki-client.org